CVE-2014-0763
Published: 2014-04-12
Priority: P259 · high · 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 19.03% (97.0th percentile)
An attacker using SQL injection may use arguments to construct queries
without proper sanitization. The DBVisitor.dll is exposed through SOAP
interfaces, and the exposed functions are vulnerable to SOAP injection.
This may allow unexpected SQL action and access to records in the table
of the software database or execution of arbitrary code.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | advantech_webaccess | <= 7.1 | — |
| advantech | advantech_webaccess | — | — |
| advantech | advantech_webaccess | — | — |
| advantech | advantech_webaccess | — | — |
| advantech | webaccess | <= 7.1 | — |
Detection & IOCs
- Monitor SOAP requests targeting DBVisitor.dll for SQL injection patterns (unexpected SQL metacharacters or stacked queries in SOAP body parameters).
- Alert on SOAP/HTTP requests to the ChartThemeConfig web service endpoint containing SQL injection payloads; exploitation can result in credential (username/hash) extraction from the database.
- Scope detection to Advantech WebAccess version 7.1 deployments; the vulnerability is confirmed in that specific version.
- The Metasploit module targets Advantech WebAccess 7.1 specifically; applicability to other versions should be verified before deploying detections.
- The attack surface is the SOAP interface; ensure network monitoring covers SOAP/HTTP traffic to the WebAccess server, not just standard web traffic.
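A sketch of the monitoring described in the bullets above, as an added example that is not taken from the advisory, the vendor or any indexed detection rule: it parses a captured SOAP body and flags leaf parameters containing SQL metacharacters or stacked queries on requests to DBVisitor.dll. The request path, the `ExampleOp` and `param1` names, the sample values and the regex rules are constructed assumptions and need tuning against real traffic.

```python
import re
import xml.etree.ElementTree as ET

# Heuristic rules (assumptions, not vendor signatures) for SQL
# metacharacters and stacked queries in SOAP body parameters.
RULES = {
    "quote-then-sql": re.compile(r"'\s*(?:(?:or|and|union|select)\b|;|--)", re.I),
    "stacked-query": re.compile(r";\s*(?:select|insert|update|delete|drop|exec)\b", re.I),
    "trailing-comment": re.compile(r"(?:--|/\*)\s*$"),
    "union-select": re.compile(r"\bunion\b.{0,20}\bselect\b", re.I | re.S),
}

def scan_soap_request(path, body):
    """Return sorted (parameter, rule) findings for one HTTP request."""
    if "dbvisitor.dll" not in path.lower():
        return []  # this rule is scoped to the DBVisitor.dll SOAP interface
    if "<!doctype" in body.lower():
        return [("<body>", "doctype-rejected")]  # do not expand entities
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return [("<body>", "malformed-xml")]  # worth alerting on its own
    findings = set()
    for elem in root.iter():
        text = (elem.text or "").strip()
        if len(elem) or not text:
            continue  # only leaf elements carry parameter values
        name = elem.tag.rsplit("}", 1)[-1]  # drop the XML namespace
        findings.update((name, rule) for rule, rx in RULES.items() if rx.search(text))
    return sorted(findings)

def envelope(value):
    """Constructed sample request; ExampleOp and param1 are hypothetical names."""
    return ('<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
            f'<ExampleOp xmlns="urn:example"><param1>{value}</param1></ExampleOp>'
            '</s:Body></s:Envelope>')

if __name__ == "__main__":
    for value in ("Line1_Pump", "O'Andrew", "x' OR '1'='1", "x'; SELECT 1--"):
        print(repr(value), scan_soap_request("/example/DBVisitor.dll", envelope(value)))
```

The rules match on decoded parameter text, so the scanner belongs after TLS termination and any HTTP content decoding.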
CISA ICS
Advantech WebAccess Vulnerabilities
cisa_ics·2018-09-06
Last Revised: September 06, 2018
Alert Code: ICSA-14-079-03
## OVERVIEW
This advisory is a follow-up to the original advisory titled “ICSA-14-079-03P Advantech WebAccess Vulnerabilities” that was posted to the US-CERT secure Portal library March 20, 2014.
Researchers working with HP’s Zero Day Initiative (ZDI), Andrea Micalizzi, aka rgod, Tom Gallagher, and an independent anonymous researcher, have identified several vulnerabilities in Advantech’s WebAccess application. ZDI reported them to NCCIC/ICS‑CERT. Advantech has produced a new version tha
GHSA
GHSA-9cmf-7pgf-j9g9: Multiple SQL injection vulnerabilities in DBVisitor
ghsa_unreviewed·2022-05-17
CVE-2014-0763 [HIGH] CWE-89 GHSA-9cmf-7pgf-j9g9: Multiple SQL injection vulnerabilities in DBVisitor
Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary SQL commands via SOAP requests to unspecified functions.